{"id":1782,"date":"2013-04-17T11:58:16","date_gmt":"2013-04-17T15:58:16","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1782"},"modified":"2013-04-17T11:58:16","modified_gmt":"2013-04-17T15:58:16","slug":"android-infections-tripled-in-2012-bill-shocker-costliest-mobile-malware-ever","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/04\/17\/android-infections-tripled-in-2012-bill-shocker-costliest-mobile-malware-ever\/","title":{"rendered":"Android infections tripled in 2012, "Bill Shocker" costliest mobile malware ever"},"content":{"rendered":"

Android has become an increasingly popular target for malware authors, a recent report (pdf) by NQ Mobile indicates. The security firm claims that it discovered over 65,000 types of malware — more than double the amount from 2011 — and bills Android as the number one mobile platform targeted by malware attacks.
\nForms of social engineering (i.e. phishing) remain a favored way to attack Android owners for profit. Smishing, a SMS-based phishing technique, is one such tactic popular in the mobile world. Meanwhile, repackaged apps from third-party app stores and malicious websites were also common vectors of infection exploited by malware authors.
\nWhile the number of infected packages effectively doubled, the quantity of infected Android devices tripled between 2011 and 2012 from 24,794 to 65,227. In 2009, that number was only 1,649.<\/p>\n

\"\"<\/a><\/p>\n

The most noteworthy Android-based badware was “Bill Shocker”, a prolific mobile malware which NQ Mobile labeled as the most infectious and costly in history. Largely only an issue in China, the aptly named Bill Shocker would take control of an Android smartphone and silently send texts from the device to premium rate numbers. Premium SMS messages are billed to the owner’s account without their explicit consent — this is also known as toll fraud.
\nOther honorable mentions include VDloader, DDSpy, DyPusher and FireLeaker — each with their own distinct attack vectors and payloads.<\/p>\n

\"\"<\/a><\/p>\n

Although most malware is ostensibly incentivized by financial motives, as many as 7 percent of payload-carrying packages were designed to brick a user’s smartphone. Meanwhile, 28 percent were designed to collect information for profit while 65 percent fell into the often less-hazardous category of PUP (a potentially unwanted program).
\nvia Android infections tripled in 2012, “Bill Shocker” costliest mobile malware ever – TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Android has become an increasingly popular target for malware authors, a recent report (pdf) by NQ Mobile indicates. The security […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,9,10],"tags":[65,341,424,655,990],"class_list":["post-1782","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-technology","tag-android","tag-exploit","tag-google","tag-malware","tag-sms"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-sK","jetpack-related-posts":[{"id":3197,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/19\/malware-hijacks-mobile-ad-networks-to-siphon-money\/","url_meta":{"origin":1782,"position":0},"title":"Malware hijacks mobile ad networks to siphon money","author":"NCCT","date":"August 19, 2013","format":false,"excerpt":"Asian cybercriminals have figured out an unusual way to use the architecture of a mobile ad network to siphon money from their victims. The new method represents another step in the evolution of mobile malware, which is booming with more smartphones shipping than PCs. Mobile ad networks open up the\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6209,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/12\/classic-facebook-color-changer-scam-makes-another-comeback\/","url_meta":{"origin":1782,"position":1},"title":"Classic Facebook “Color Changer” scam makes another comeback","author":"NCCT","date":"August 12, 2014","format":false,"excerpt":"On Facebook, some scams are so alluring that they seem to live forever. So it goes with \u201cFacebook Color Changer,\u201d a new malware attack that masquerades as a way to change the appearance of Facebook\u2019s Website. Security firm Cheetah Mobile claims that the latest scam has affected more than 10,000\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6294,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/27\/research-team-creates-undetectable-malware-bound-to-legitimate-software-downloads\/","url_meta":{"origin":1782,"position":2},"title":"Research team creates undetectable malware bound to legitimate software downloads","author":"NCCT","date":"August 27, 2014","format":false,"excerpt":"Most cyber attacks from your typical home hacker, come by way of techniques used 10 years ago or more like phishing scams, poor password management, and things of that nature. But now it seems as though a research team from Germany has developed on all new strain of malware. The\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7294,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/29\/beware-fake-the-interview-movie-download-app-is-in-the-wild\/","url_meta":{"origin":1782,"position":3},"title":"Beware: Fake “The Interview” movie download app is in the wild","author":"NCCT","date":"December 29, 2014","format":false,"excerpt":"\"The Interview\" is undeniably the hottest movie of the year, which is a comedy about a plan to kill North Korea's leader, Kim Jong-un. It has also been the most controversial, backed by disputes with hackers threatening theaters who will play the said movie with physical action, and also by\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3156,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/09\/hand-of-thief-banking-trojan-doesnt-do-windows-but-it-does-linux\/","url_meta":{"origin":1782,"position":4},"title":"\u201cHand of Thief\u201d banking trojan doesn\u2019t do Windows\u2014but it does Linux","author":"NCCT","date":"August 9, 2013","format":false,"excerpt":"Signaling criminals' growing interest in attacking non-Windows computers, researchers have discovered banking fraud malware that targets people using the open-source Linux operating system. Hand of Thief, which was recently discovered by researchers from security firm RSA, sells for about $2,000 in underground Internet forums and boasts its own support and\u2026","rel":"","context":"In "Linux"","block_context":{"text":"Linux","link":"https:\/\/nccomputertech.com\/techtalk\/category\/linux\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/08\/hand-of-thief-640x294.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/08\/hand-of-thief-640x294.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/08\/hand-of-thief-640x294.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":7150,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/17\/russian-malware-targets-wordpress-users-over-100000-sites-infected\/","url_meta":{"origin":1782,"position":5},"title":"Russian malware targets WordPress users, over 100,000 sites infected","author":"NCCT","date":"December 17, 2014","format":false,"excerpt":"Our blog was not affected...NCCT. A Russian malware dubbed SoakSoak has infected nearly 100,000 WordPress websites since Sunday, prompting Google to blacklist over 11,000 of those domains (the number is increasing), according to a report from cybersecurity firm Sucuri. The malware exploits a previously-known vulnerability in a WordPress plugin called\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1782"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1782\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}